{"id":6009,"date":"2019-08-15T16:15:16","date_gmt":"2019-08-15T09:15:16","guid":{"rendered":"http:\/\/gcloudvn.wam.vn\/gioi-han-quyen-truy-cap-vao-cac-ung-dung-kem-an-toan-hon-de-bao-ve-tai-khoan-g-suite\/"},"modified":"2023-05-09T13:13:39","modified_gmt":"2023-05-09T06:13:39","slug":"gioi-han-quyen-truy-cap-vao-cac-ung-dung-kem-an-toan-hon-de-bao-ve-tai-khoan-g-suite","status":"publish","type":"post","link":"https:\/\/gcloudvn.com\/en\/kienthuc\/gioi-han-quyen-truy-cap-vao-cac-ung-dung-kem-an-toan-hon-de-bao-ve-tai-khoan-g-suite\/","title":{"rendered":"Limit access to less secure apps to protect your G Suite account"},"content":{"rendered":"<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_80 counter-hierarchy ez-toc-counter ez-toc-grey ez-toc-container-direction\">\n<div class=\"ez-toc-title-container\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">Table of contents<\/p>\n<span class=\"ez-toc-title-toggle\"><a href=\"#\" class=\"ez-toc-pull-right ez-toc-btn ez-toc-btn-xs ez-toc-btn-default ez-toc-toggle\" aria-label=\"Toggle Table of Content\"><span class=\"ez-toc-js-icon-con\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #999;color:#999\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewbox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #999;color:#999\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewbox=\"0 0 24 24\" version=\"1.2\" baseprofile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/span><\/a><\/span><\/div>\n<nav><ul class='ez-toc-list ez-toc-list-level-1' ><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/gcloudvn.com\/en\/kienthuc\/gioi-han-quyen-truy-cap-vao-cac-ung-dung-kem-an-toan-hon-de-bao-ve-tai-khoan-g-suite\/#Co_gi_thay_doi\" >What\u2019s changing\u00a0\u00a0<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/gcloudvn.com\/en\/kienthuc\/gioi-han-quyen-truy-cap-vao-cac-ung-dung-kem-an-toan-hon-de-bao-ve-tai-khoan-g-suite\/#Ai_la_nguoi_chiu_anh_huong\" >Who is affected?<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/gcloudvn.com\/en\/kienthuc\/gioi-han-quyen-truy-cap-vao-cac-ung-dung-kem-an-toan-hon-de-bao-ve-tai-khoan-g-suite\/#Tai_sao_no_lai_quan_trong\" >Why is it important?\u00a0<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-4\" href=\"https:\/\/gcloudvn.com\/en\/kienthuc\/gioi-han-quyen-truy-cap-vao-cac-ung-dung-kem-an-toan-hon-de-bao-ve-tai-khoan-g-suite\/#Lam_the_nao_de_bat_dau\" >How to get started\u00a0<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-5\" href=\"https:\/\/gcloudvn.com\/en\/kienthuc\/gioi-han-quyen-truy-cap-vao-cac-ung-dung-kem-an-toan-hon-de-bao-ve-tai-khoan-g-suite\/#Chi_tiet_bo_sung\" >Additional details\u00a0<\/a><ul class='ez-toc-list-level-3' ><li class='ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-6\" href=\"https:\/\/gcloudvn.com\/en\/kienthuc\/gioi-han-quyen-truy-cap-vao-cac-ung-dung-kem-an-toan-hon-de-bao-ve-tai-khoan-g-suite\/#Mot_ung_dung_kem_an_toan_LSA_la_gi\" >What is a less secure application (LSA)?\u00a0<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-7\" href=\"https:\/\/gcloudvn.com\/en\/kienthuc\/gioi-han-quyen-truy-cap-vao-cac-ung-dung-kem-an-toan-hon-de-bao-ve-tai-khoan-g-suite\/#Toi_co_mot_ung_dung_ma_khong_the_su_dung_OAuth_Toi_phai_lam_gi\" >I have an application that cannot use OAuth; What can I do?\u00a0<\/a><\/li><\/ul><\/li><\/ul><\/nav><\/div>\n<h2 style=\"text-align: justify;\"><span class=\"ez-toc-section\" id=\"Co_gi_thay_doi\"><\/span><span style=\"font-size: 14pt; color: #000080;\"><b>What\u2019s changing\u00a0\u00a0<\/b><\/span><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p style=\"text-align: justify;\"><span style=\"font-weight: 400;\">On October 30, 2019, we will begin removing the installation \u201c<\/span><a href=\"https:\/\/support.google.com\/a\/answer\/6260879\" target=\"_blank\" rel=\"nofollow noopener\"><span style=\"font-weight: 400;\">Enforce access to less secure apps for all users<\/span><\/a><span style=\"font-weight: 400;\">\u201d from the Google Admin console. This setting will disappear from your Admin dashboard later this year.<\/span><\/p>\n<p style=\"text-align: justify;\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-14582 size-full\" src=\"https:\/\/gcloudvn.com\/wp-content\/uploads\/2019\/08\/unnamed.png\" alt=\"Limit access to less secure apps to protect your G Suite 1 account\" width=\"512\" height=\"88\" \/><\/p>\n<p style=\"text-align: justify;\"><span style=\"font-weight: 400;\">If you let install <strong>\u201cEnforce access to less secure apps for all users\u201d<\/strong> for your domain name, when our change happens we will automatically select it <strong>\u201cAllow users to manage their access to less secure apps\u201d<\/strong> for replacement. You no longer have the option to enforce access to LSAs at the domain level.\u00a0<\/span><\/p>\n<p style=\"text-align: justify;\"><span style=\"font-weight: 400;\">According to this change, if you \u201cAllow users to manage their access to less secure apps\u201d, users will still have the option to access LSAs, as long as the \u201c<\/span><span style=\"color: #0000ff;\"><a style=\"color: #0000ff;\" href=\"https:\/\/support.google.com\/accounts\/answer\/6010255\" target=\"_blank\" rel=\"nofollow noopener\"><span style=\"font-weight: 400;\">Less secure app access<\/span><\/a><\/span><span style=\"font-weight: 400;\">\u201d is installed in the user account. To minimize disruption in domains we have automatically changed the setting from \u201cEnforce access\u201d to \u201cAllow users to manage their access\u201d, this setting will be enabled by default at the time of change for all also active LSAs users.\u00a0<\/span><\/p>\n<p style=\"text-align: justify;\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-14583 size-large\" src=\"https:\/\/gcloudvn.com\/wp-content\/uploads\/2019\/08\/LSA2-1024x364.png\" alt=\"Limit access to less secure apps to protect your G Suite account \" width=\"1024\" height=\"364\" \/><\/p>\n<p style=\"text-align: justify;\"><span style=\"font-weight: 400;\">If a user has previously chosen to allow LSAs to access their account, but sometimes no LSAs connect to their account, we will disable this setting for them in their user account. They can turn this setting back on at any time <span style=\"color: #0000ff;\">myaccount.google.com\/lesssecureapps<\/span> (as long as their admin allows them to do so).<\/span><\/p>\n<h2 style=\"text-align: justify;\"><span class=\"ez-toc-section\" id=\"Ai_la_nguoi_chiu_anh_huong\"><\/span><span style=\"color: #000080; font-size: 14pt;\"><b>Who is affected?<\/b><\/span><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p style=\"text-align: justify;\"><span style=\"font-weight: 400;\">Admins and end users\u00a0<\/span><\/p>\n<h2 style=\"text-align: justify;\"><span class=\"ez-toc-section\" id=\"Tai_sao_no_lai_quan_trong\"><\/span><span style=\"font-size: 14pt; color: #000080;\"><b>Why is it important?\u00a0<\/b><\/span><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p style=\"text-align: justify;\"><span style=\"font-weight: 400;\">We&#039;re making this change to protect your users. LSAs connect to Google accounts using a username and password, making them vulnerable to attacks. Whenever possible, users should connect to their accounts via OAuth, a more secure method. OAuth allows third-party apps to use Google account information without the user&#039;s password, and it gives administrators security controls like the ability to whitelist apps certain and provide scope-based account access\u00a0<\/span><\/p>\n<p style=\"text-align: justify;\"><span style=\"font-weight: 400;\">Visit the Help Center to learn more about <\/span><a href=\"https:\/\/support.google.com\/a\/answer\/7281227\" target=\"_blank\" rel=\"nofollow noopener\"><span style=\"font-weight: 400;\">how to manage OAuth-based access to connected applications<\/span><\/a><span style=\"font-weight: 400;\">.<\/span><\/p>\n<h2 style=\"text-align: justify;\"><span class=\"ez-toc-section\" id=\"Lam_the_nao_de_bat_dau\"><\/span><span style=\"font-size: 14pt; color: #000080;\"><b>How to get started\u00a0<\/b><\/span><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<ul style=\"text-align: justify;\">\n<li style=\"font-weight: 400;\"><b>Admins: No action is required, but we recommend following the following: <\/b><\/li>\n<li style=\"list-style-type: none;\">\n<ul>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">If you currently enforce access to LSAs in your domain, change your settings to disable access or allow users to manage their access as soon as possible, as LSAs can can make your Google account vulnerable to attack.\u00a0<\/span><\/li>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">Encourage your users to use OAuth-based protocols (like OAuth-based IMAP) to grant non-Google apps access to their Google accounts, including email, calendar, and contacts\u00a0<\/span><\/li>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">Review our list of replacements for these <\/span><span style=\"color: #0000ff;\"><a style=\"color: #0000ff;\" href=\"https:\/\/support.google.com\/a\/answer\/6260879#alternatives\" target=\"_blank\" rel=\"nofollow noopener\"><span style=\"font-weight: 400;\">less secure application<\/span><\/a><\/span><span style=\"font-weight: 400;\"><span style=\"color: #0000ff;\">.<\/span>\u00a0<\/span><\/li>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">Your users and internal support need to prepare for this change.\u00a0<\/span><\/li>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">Update any user guides you previously prepared to recommend the use of OAuth or to instruct users on how to enable LSAs.\u00a0<\/span><\/li>\n<\/ul>\n<\/li>\n<li><b>End users: visit the Help Center to <\/b><span style=\"color: #0000ff;\"><a style=\"color: #0000ff;\" href=\"https:\/\/support.google.com\/accounts\/answer\/6010255\" target=\"_blank\" rel=\"nofollow noopener\"><b>Learn more about LSAs and your account.<\/b><\/a> <\/span><span style=\"font-weight: 400;\">\u00a0<\/span><\/li>\n<\/ul>\n<h2 style=\"text-align: justify;\"><span class=\"ez-toc-section\" id=\"Chi_tiet_bo_sung\"><\/span><span style=\"font-size: 14pt; color: #000080;\"><b>Additional details\u00a0<\/b><\/span><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p style=\"text-align: justify;\"><span style=\"font-weight: 400;\">Below are frequently asked questions. .<\/span><\/p>\n<h3 style=\"text-align: justify;\"><span class=\"ez-toc-section\" id=\"Mot_ung_dung_kem_an_toan_LSA_la_gi\"><\/span><span style=\"color: #000080;\"><b>What is a less secure application (LSA)?\u00a0<\/b><\/span><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p style=\"text-align: justify;\"><span style=\"font-weight: 400;\">A less secure app (LSA) is an app that connects to a Google account using a username and password for access and does not have OAuth. In general, you should only allow your users to use external applications that connect to their Google account via OAuth, because LSAs leave the user&#039;s Google account vulnerable to attack.<\/span><\/p>\n<h3 style=\"text-align: justify;\"><span class=\"ez-toc-section\" id=\"Toi_co_mot_ung_dung_ma_khong_the_su_dung_OAuth_Toi_phai_lam_gi\"><\/span><span style=\"color: #000080;\"><b>I have an application that cannot use OAuth; What can I do?\u00a0<\/b><\/span><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p style=\"text-align: justify;\"><span style=\"font-weight: 400;\">Select the \u201cAllow users to manage their access to less secure apps\u201d option in the Admin console, and ensure that the users who need to use applications allow \u201cLess secure app access\u201d at <span style=\"color: #0000ff;\">myaccount.google.com\/lesssecureapps<\/span>. We also recommend that you contact the developers of the applications and ask them to provide OAuth support, as this is a more secure option.<\/span><\/p>\n<p style=\"text-align: right;\"><strong>Source: <a href=\"https:\/\/gcloudvn.com\/en\/\">Gimasys<\/a><\/strong><\/p>","protected":false},"excerpt":{"rendered":"<p>C\u00f3 g\u00ec thay \u0111\u1ed5i\u00a0\u00a0 V\u00e0o ng\u00e0y 30 th\u00e1ng 10 n\u0103m 2019, ch\u00fang t\u00f4i s\u1ebd b\u1eaft \u0111\u1ea7u x\u00f3a c\u00e0i \u0111\u1eb7t \u201cEnforce access to less secure apps for all users\u201d t\u1eeb b\u1ea3ng \u0111i\u1ec1u khi\u1ec3n Google Admin. C\u00e0i \u0111\u1eb7t n\u00e0y s\u1ebd bi\u1ebfn m\u1ea5t&hellip;<\/p>","protected":false},"author":1,"featured_media":6010,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[1],"tags":[],"class_list":["post-6009","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-kienthuc","entry","has-media"],"_links":{"self":[{"href":"https:\/\/gcloudvn.com\/en\/wp-json\/wp\/v2\/posts\/6009","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/gcloudvn.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/gcloudvn.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/gcloudvn.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/gcloudvn.com\/en\/wp-json\/wp\/v2\/comments?post=6009"}],"version-history":[{"count":0,"href":"https:\/\/gcloudvn.com\/en\/wp-json\/wp\/v2\/posts\/6009\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/gcloudvn.com\/en\/wp-json\/wp\/v2\/media\/6010"}],"wp:attachment":[{"href":"https:\/\/gcloudvn.com\/en\/wp-json\/wp\/v2\/media?parent=6009"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/gcloudvn.com\/en\/wp-json\/wp\/v2\/categories?post=6009"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/gcloudvn.com\/en\/wp-json\/wp\/v2\/tags?post=6009"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}